CVE-2023-25500 Information

Description

Possible information disclosure in Vaadin 10.0.0 to 10.0.23 11.0.0 to 14.10.1 15.0.0 to 22.0.28 23.0.0 to 23.3.13 24.0.0 to 24.0.6 24.1.0.alpha1 to 24.1.0.rc2 resulting in potential information disclosure of class and method names in RPC responses by sending modified requests.

Reference

https://github.com/vaadin/flow/pull/16935 https://vaadin.com/security/cve-2023-25500